v0.26.7

• Fix CLI regression for user and admin commands due to DB initialization order changes.
• Fix missing version identifier in --version for CI release builds. There were two issues: shallow checkouts and permissions for docker MUSL builds.
• Admin UI: For geospatial data show EWKT SRID only when present and fix form prefill during record update for WKT.
• Add &skip_cursor parameter for RecordAPI listing to help with GeoJSON consumers who don't support the foreign_member standard extension.
• More work towards untangling TrailBase from SQLite specifics: make lock acquisition fallible.
• Update dependencies.

Full Changelog: v0.26.6...v0.26.7

v0.26.6

• Admin UI improvements:
  • Allow using WKT-formatted geometries in row insert/update forms.
  • Early client-side validation of RecordAPI names.
  • Show toast close button on small screens w/o hover.
• Add execute_batch() to SyncConnectionTrait for downstream schema metadata building code.
• Remove more use-cases of leaky Connection::write_lock() abstraction.
• Update dependencies.

Full Changelog: v0.26.5...v0.26.6

v0.26.5

• Remove most leaky abstractions from trailbase_sqlite::Connection:
  • Introduce an async Connection::transaction() API to remove many .call_reader() calls.
  • Add a SyncConnection for the remaining batch uses of .call_reader().
  • Add a dedicated backup API.
  • Add a first-party Statement abstraction to allow binding parameters to other clients.
  • Clean-up a few more overlooked uses and narrow ToSqlProxy's lifetimes.
• Add a new refinery driver using above async transaction() API.
• Use new APIs in TransactionRecorder used for migrations.
• Increase statement cache size.
• Minor: replace kanal with flume everywhere.
• Update dependencies.

Full Changelog: v0.26.4...v0.26.5

v0.26.4

• Use WASI resources to model WASM transactions more correctly. Also spawn a watcher task that force-unlocks the DB after a deadline for better isolation from user code.
  • The new APIs are transparent and implemented in a backwards-compatible way, i.e. if you rebuild your WASM guests against future releases of the guest runtimes you'll pick up those changes.
• Make server limits more configurable: rate limits and body size limits.
• Add "created" and "last-updated" timestamps to accounts page in admin UI.
• Switch SQLite execution model from kanal to flume to allow the writer to lend a hand with reads.
• Mark read connections as explicitly query_only.
• More work towards untangling from rusqlite: remove more uses of leaky abstractions and make error handling generic.
• Update dependencies.

Full Changelog: v0.26.3...v0.26.4

v0.26.3

• Make trailbase-sqlite's abstractions less leaky, i.e. don't depend on rusqlite's internals as much. This is a pre-requisite if we wanted to support other drivers and DBs.
• Fix and clean-up trailbase-sqlite's execution engine.
• Update clients across all languages to automatically "log out" on token refresh when a 401 (Unauthorized) error is received.
• Stricter "read-only" query filtering for WASM guests. Sqlean's SELECT define() statements are actually mutating. Maybe it's time to remove sqlean. It predates JS and WASM components and may have overstayed its welcome.
• Allow loading *.wasm components from symlinks.
• Tweak auth-ui's profile page to properly clean-up invalid cookie tokens.
• Fix a few small issues with the blog example.
• Update dependencies.

Full Changelog: v0.26.2...v0.26.3

v0.26.2

• Fork the reactivate crate to streamline it and make it lock-free. Previously, accessing the config would require claiming an eclusive lock.
• Remove unsafe query construction from WASM guest examples and add utilities for escaping safe SQL string literals to the guest runtimes.
• Fix wiring of new redirect_uri_allowlist config option.

Full Changelog: v0.26.1...v0.26.2

v0.26.1

• Add an redirect_uri_allowlist config option to enable select off-site auth redirects.
• Fix escaping of migration file names to work for any unicode characters.
• Fix escaping of named placeholders to work for any unicode characters.
• Update Rust and JavaScript dependencies.

Full Changelog: v0.26.0...v0.26.1

v0.26.0

• Overhaul change subscriptions:
  • Minimize work done on SQLite's pre-update hook.
  • Push brokering into separate thread and ACL-checking+filtering into handler tasks.
  • Simplify locking.
  • Add layered sequence numbers to track both, server-side event losses (e.g. due to back-pressure) and allow clients to detect client-side losses (e.g. due to unreliable network).
  • Add structured status to error events. This changes the wire-format and is a breaking change. While this only affects errors, users of change subscriptions should update their client.
    • We did also explore switching from an externally to an internally tagged union format. However, externally tagged is the way to go for change event schemas with something like JSON schema or Avro.
  • Update all the clients that support change subscriptions, i.e. all but Swift.
  • Add stress-tests.
• Fix ATTACH DATABASE calls from WASM guests.
• Update dependencies.

Full Changelog: v0.25.4...v0.26.0

v0.25.4

• Fix MacOS release workflows.

Full Changelog: v0.25.3...v0.25.4

v0.25.3

• Concurrent SELECTs for WASM guests.
  • The guest APIs don't distinguish between reads and writes, hence everything was assumed to be potentially mutating.
  • We're now "pre-parsing" queries to handle SELECTs and ATTACH/DETACH DATABASE specially and multiplex to multiple connections.
• Stricter Content-Type handling and some preparations for supporting more encodings. This is part of an exploration to support Avro.
• Fix JSON schemas for nullable JSON and expanded foreign key columns.
• Add JSON input/output validation to record APIs in debug builds.
• Update dependencies.

What's Changed

• Blog example: Increase Node version to 22 in Dockerfile by @yguenduez in #224

New Contributors

• @yguenduez made their first contribution in #224

Full Changelog: v0.25.2...v0.25.3